hook_node_access_records_alter

Node access modules establish rules for user access to content. Node access
records are stored in the {node_access} table and define which permissions
are required to access a node. This hook is invoked after node access modules
returned their requirements via hook_node_access_records(); doing so allows
modules to modify the $grants array by reference before it is stored, so
custom or advanced business logic can be applied.

Upon viewing, editing or deleting a node, hook_node_grants() builds a
permissions array that is compared against the stored access records. The
user must have one or more matching permissions in order to complete the
requested operation.

A module may deny all access to a node by setting $grants to an empty array.

Related topics

Code

<?php
functionhook_node_access_records_alter(&$grants, $node) {
// Our module allows editors to mark specific articles with the 'is_preview'
// field. If the node being saved has a TRUE value for that field, then only
// our grants are retained, and other grants are removed. Doing so ensures
// that our rules are enforced no matter what priority other grants are given.
if ($node->is_preview) {
// Our module grants are set in $grants['example'].
$temp = $grants['example'];
// Now remove all module grants but our own.
$grants = array('example' => $temp);
}
}
?>